snakekeylogger | f752e5b8c41313e087a72ee4a176b1cf8228f72db44ba5f03813a1da4ed70bf1 | Triage

Submit
Reports

Overview

overview

Static

static

eMFbW0JwBkwqaDY.exe

windows7_x64

eMFbW0JwBkwqaDY.exe

windows10-2004_x64

Sharing

General

Target

eMFbW0JwBkwqaDY.exe
Size

574KB
Sample

220706-tagh5sgfb2
MD5

e494d544690d5dfcb123b8ab59b3cf31
SHA1

27088c1c325ad44bd82ed8bf0bf7113a8559ba97
SHA256

f752e5b8c41313e087a72ee4a176b1cf8228f72db44ba5f03813a1da4ed70bf1
SHA512

23ee9afe5d558dfc5ff8dd8590ad6b68e46b4d1906bd570667e45a610f9877777ca71c67d5bed4cc5f3fc6d964ff5a242febc50435f7efe61a262c7c52032bea

Score

10^/10

snakekeylogger collection keylogger stealer

Static task

static1

Behavioral task

behavioral1

Sample

eMFbW0JwBkwqaDY.exe

Resource

win7-20220414-en

snakekeylogger collection keylogger stealer

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

eMFbW0JwBkwqaDY.exe

Resource

win10v2004-20220414-en

snakekeylogger collection keylogger stealer

windows10-2004_x64

0 signatures

0 seconds

Malware Config

Extracted

Family

snakekeylogger

Credentials

Protocol: smtp
Host:
mail.stilltech.ro
Port:
587
Username:
office@stilltech.ro
Password:
eurobit555ro
Email To:
prolifikinstruments@gmail.com

Targets

- Target
  
  eMFbW0JwBkwqaDY.exe
- Size
  
  574KB
- MD5
  
  e494d544690d5dfcb123b8ab59b3cf31
- SHA1
  
  27088c1c325ad44bd82ed8bf0bf7113a8559ba97
- SHA256
  
  f752e5b8c41313e087a72ee4a176b1cf8228f72db44ba5f03813a1da4ed70bf1
- SHA512
  
  23ee9afe5d558dfc5ff8dd8590ad6b68e46b4d1906bd570667e45a610f9877777ca71c67d5bed4cc5f3fc6d964ff5a242febc50435f7efe61a262c7c52032bea
Score

10^/10

snakekeylogger collection keylogger stealer
- Snake Keylogger
  Keylogger and Infostealer first seen in November 2020.
  stealer keylogger snakekeylogger
- Snake Keylogger Payload
- Accesses Microsoft Outlook profiles
  collection
- Looks up external IP address via web service
  Uses a legitimate IP lookup service to find the infected system's external IP.
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Email Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

snakekeyloggercollectionkeyloggerstealer

behavioral2

snakekeyloggercollectionkeyloggerstealer

© 2018-2024

Terms | Privacy